Mobile units equipped with a function of executing Java-AP (Java Application) software by carrying out a program written in accordance with Java (trademark registered) programming language, and downloaded via a network are in widespread use.
Java-AP software includes a Jar (Java Archive) file and an ADF (Application Descriptor File). The Jar file contains a program, which provides a user with certain Java-AP. The ADF is dependent upon the Jar file, and contains, for instance, URL showing where a Jar file is stored (hereinafter, referred to as package URL), the size of a Jar file, the most recent date when a Jar file is changed and other necessary information.
A mobile unit downloads the relevant software to the desired Java-AP by following the process described below. First, the mobile unit obtains an ADF pertaining to the desired Java-AP from a server unit, which constitutes WWW (World Wide Web).
The mobile unit, which obtains an ADF checks the content of the ADF, and determines whether the Jar file pertaining to the desired Java-AP can be installed in the mobile unit. When the mobile unit determines that Java-AP software can be installed, the mobile unit obtains from a server unit, which constitutes WWW a Jar file by using package URL contained in the ADF. The process of downloading Java-AP software is complete when the Jar file is obtained. Hereinafter, in the mobile unit, installation of the downloaded Java-AP software is carried out, and the Java-AP software can be activated when required.
Incidentally, when the Java-AP software is installed in a mobile unit the activation of Java-AP is subject to greater restriction than the activation of functions that are native to the mobile unit, such as a communication application function. The activation of a Java-AP is restricted in that it is unable to access certain data contained in a mobile unit, such as telephone numbers for example. By imposing strict restrictions in this manner, leakage or falsification of confidential data contained in a mobile unit, occurring due to malfunctioning Java-AP or caused intentionally, can be prevented.
However, imposing the above-mentioned restriction on all Java-AP uniformly does not adequately meet the needs of a user of a mobile unit or an IP (information provider). For instance, some users seem to feel that Java-AP could be allowed to refer to some of the private information stored in a mobile unit as long as security is guaranteed. Also, some IPs wish to provide Java-AP, which uses some of the private information stored in a mobile unit, or some of the functions a mobile unit is equipped with.
To fulfill these requirements, a system in which a trustworthy organization such as a communication provider providing a communication service to users of mobile units working as an authority, is entrusted with the responsibility of authorizing Java-AP to operate with greater flexibility. Mobile units using Java-AP are notified by the authorization of the operational rules set for Java-AP, and the mobile units can restrict the operation of Java-AP on the basis of the prescribed rules. In this system, only a trustworthy organization should be entrusted to administer the authorization of a more flexible operation of Java-AP.
When the above-mentioned system is applied to the downloading process of Java-AP software, information showing the authorization in an ADF or a Jar file must be included. Since a Jar file is updated by an IP as required, and it is appropriate for an IP to own a Jar file, it is appropriate for the corresponding ADF to contain information on the validity of the authorization.
However, since the content of an ADF is dependent upon a Jar file, an ADF owned by a trustworthy organization needs to be updated once an IP updates a Jar file. Also, updating an ADF becomes necessary at times even without the updating of a Jar file, as in the instance where access to a certain Jar file gets deluged, and the Jar file is moved to another server unit in the IP. In this instance, since the location where the Jar file is stored is changed, a package URL contained in the ADF needs to be changed. However, since the ADF is administered by a trustworthy organization and excludes the involvement of other agents, the updating operation of an ADF could become a very busy one.